Sending alerts from ASM to RESTMon
search cancel

Sending alerts from ASM to RESTMon

book

Article ID: 274597

calendar_today

Updated On:

Products

CA App Synthetic Monitor

Issue/Introduction

I have a use case to send alerts (for certificate expiration) from ASM to RESTMon, can you please let me know if this is possible, and provide assistance with RESTMon schema creation.

 

The options that are available in ASM for sending to an URL (API) are as follows:

- Action URL

- User

- Required

- Secret

 

I'm not sure what payload ASM would send to that URL, so that may be an extra question to investigate.

Required

Environment

Release : SAAS

Resolution

The current implementation of the action URL alert is as follows: the contact address is the URL. Sending message is effectively creating a POST request with these headers:

Content-Type: application/x-www-form-urlencoded
X-Asm-Message-Id: [some string] 

and the content (body) of the request is:
[
 'id' => 'XXXX',
 'status' => 'XXXX',
 'message' => 'CA App Synthetic Monitor test message',
 'since' => 'XXXX',
 'errors' => 'XXXX',
 'rid' => 'XXXX',
 'uid' => 'XXXX',
 'name' => 'XXXX',
 'type' => 'XXXX',
 'host' => 'XXXX',
 'port' => 'XXXX',
 'path' => 'XXXX',
 'cloudmonitor' => '',
]

Additionally, you can configure authentication (basic or bearer). The bearer authentication can be currently created via APIv3 only, in the next release it will be available in UI too.

There are some limitations:
* cannot send json (would be an easy enhancement)
* cannot define custom content (except extra parameters in the url)


As for certificate expiration:

we do not have a certificate-validity monitor yet. It is planned but not for the near future. The current certificate expiration monitoring is kind of an addon to existing monitors. It is done daily by collecting all hostnames used in monitors with SSL on (e.g. https). Such certificates are tested and an alert is sent to email,sms and rss contacts assigned to the corresponding monitors (only one message per hostname, not per monitor). Thus, action url contacts are ignored.

A standard monitor also fails once the certificate has expired but it won't alert in advance. For this, a new monitor type is needed, as mentioned above.